This topic describes the differences in features and limits between enhanced NAT gateways and standard NAT gateways.

Comparison of features

Item Enhanced NAT gateway Standard NAT gateway Reference
Multiple NAT gateways in one VPC Supported Not supported Deploy multiple NAT gateways in one VPC
Associating a vSwitch with a NAT gateway Supported Not supported N/A
Billing on an hourly basis Supported Not supported Pay-by-data-transfer
Processing TCP, UDP, and ICMP segments Supported Not supported N/A
Metrics 22 4 Monitor and maintain NAT gateways
Associating multiple elastic IP addresses (EIPs) with a NAT gateway Supported Supported Associate an EIP with a NAT gateway
SNAT Supported Supported Create a SNAT entry to access the Internet
Creating multiple SNAT entries in a SNAT table Supported Supported
Associating multiple EIPs with a SNAT table Supported Supported
DNAT Supported Supported Create a DNAT entry to provide Internet-facing services
DNAT port mapping Supported Supported
DNAT IP mapping Supported Supported
Elastic Compute Service (ECS) instances use SNAT to access services that use DNAT to provide Internet-facing services if the same enhanced NAT gateway is used for SNAT and DNAT Not supported Supported Use SNAT of enhanced NAT gateways to enable ECS instances to access Internet-facing services that use DNAT in the same VPC
Using an EIP for both SNAT and DNAT Supported Not supported

Comparison of limits

Item Enhanced NAT gateway Standard NAT gateway
The maximum number of NAT gateways that can be deployed in a VPC 5. To increase the quota,submit a ticket. 1 (not adjustable)
The maximum number of DNAT entries that can be added to a NAT gateway 100. You can increase the quota. For more information, see Quota management. 100. You can increase the quota. For more information, see Quota management.
The maximum number of SNAT entries that you can add to a NAT gateway 40. You can increase the quota. For more information, see Quota management. 40. You can increase the quota. For more information, see Quota management.
The maximum number of EIPs that you can specify in a SNAT entry 64 (not adjustable) 64 (not adjustable)
Creating a NAT gateway for a VPC that contains a custom route entry whose destination CIDR block is 0.0.0.0/0 Supported Not supported. You must delete the custom route entry whose destination CIDR block is 0.0.0.0/0 before you can create a NAT gateway for the VPC.
Limits on a vSwitch by the bandwidth limit of the EIPs specified in the SNAT entry that is added to the vSwitch Yes. If the EIPs are associated with an EIP bandwidth plan, the vSwitch is limited by the bandwidth limit of the EIP bandwidth plan. Yes. If the EIPs are associated with an EIP bandwidth plan, the vSwitch is limited by the bandwidth limit of the EIP bandwidth plan.
The maximum number of EIPs that can be associated with a NAT gateway 20. You can increase the quota. For more information, see Quota management. 20. You can increase the quota. For more information, see Quota management.
The maximum number of pay-by-data-transfer EIPs that you can associate with a NAT gateway 10. You can increase the quota. For more information, see Quota management. 10. You can increase the quota. For more information, see Quota management.
The bandwidth limit of a pay-by-data-transfer EIP that is associated with a NAT gateway 200 Mbit/s. If the EIP is associated with an EIP bandwidth plan, the bandwidth of the EIP that is associated with the enhanced NAT gateway is unlimited. 200 Mbit/s (not adjustable)
The bandwidth limit of a NAT gateway 5 Gbit/s. If the total bandwidth of the EIPs or EIP bandwidth plans is greater than 5 Gbit/s,submit a ticket to increase the quota. A NAT gateway does not have a bandwidth limit. The bandwidth limit depends on the bandwidth limit of the EIPs that are associated with SNAT or DNAT entries. The bandwidth limit also depends on the bandwidth limit of the EIP bandwidth plans with which the EIPs are associated.

For example, you create a SNAT entry for a NAT gateway, and specify five pay-by-data-transfer EIPs and two pay-by-bandwidth EIPs whose bandwidth limits are 500 Mbit/s bandwidth in the SNAT entry. The bandwidth of the NAT gateway is limited to 2,000 Mbit/s. This value is calculated based on the following formula: 5 × 200 Mbit/s + 2 × 500 Mbit/s = 2,000 Mbit/s. If the seven EIPs are associated with the same EIP bandwidth plan, and the bandwidth of the EIP bandwidth plan is limited to 1,000 Mbit/s, the bandwidth limit of the NAT gateway is 1,000 Mbit/s.

The maximum number of concurrent connections for an EIP is 55,000. Yes Yes
The bandwidth limit of an EIP in an EIP bandwidth plan is 200 Mbit/s. No Yes
Users of NAT service plans cannot associate EIPs with NAT gateways. Yes Yes
You can change the bandwidth limit of the EIP bandwidth plan that is associated with a NAT gateway. For example, you can upgrade the bandwidth limit from less than 1 Gbit/s to greater than 1 Gbit/s. You can also downgrade the bandwidth limit from greater than 1 Gbit/s to less than 1 Gbit/s. When you change the bandwidth limit of the EIP bandwidth plan, your service may be temporarily interrupted. No Yes
Your service may be temporarily interrupted when IP addresses in the existing SNAT entries are reduced. Yes Yes
Your service may be temporarily interrupted when IP addresses in the existing SNAT entries are increased. No Yes
Multiple elastic network interfaces (ENIs) are attached to an ECS instance, and an EIP is associated with one of the ENIs. Different ENIs are used to forward the inbound and outbound traffic of the ECS instance. In this scenario, the ECS instance can be accessed from the Internet. No. You must modify the route of the ECS instance before you upgrade the standard NAT gateway to an enhanced NAT gateway. Make sure that the inbound and outbound traffic of the ECS instance is forwarded by using the same ENI. For more information, see Configure routes for ENIs. Yes

References